1. Field of the Invention
The present invention is generally related to channel security protocols. More particularly, the present invention is related to a system and method for combining user and platform authentication in negotiated channel security protocols.
2. Description
Traditional channel security protocols, such as SSL (Secure Sockets Layer), TLS (Transport Layer Security), and IKE (Internet Key Exchange), negotiate session keys that can be authenticated using digital certificates or shared secrets, such as a pass phrase. Authentication identifies an endpoint of communication, but what that endpoint is can be nebulous, considering the complexity that is often associated with the storage and handling of authentication data, such as keys, tokens, secrets, etc.
Platforms containing a Trusted Platform Module (TPM) device may register a platform identity with a registration agent, who may then issue an identity credential, thereby binding a platform identity with a user identity. This approach provides early binding of user and platform, such that the binding persists outside of the channel used to protect client interactions with another entity. Early binding may also have privacy implications and usage constraints.
Traditional key exchange algorithms exchange a random secret, high in entropy, as the basis for temporal session keys. Signing the master secret with an RSA (a public-key encryption technology developed by RSA (Rivest, Shamir, and Adleman) Data Security, Inc.), DSA (Digital Signature Algorithm), or ECDSA (Elliptic Curve Digital Signature Algorithm) asymmetric key authenticates the master secret by associating it with the key holder. The key holder's identity is typically vetted by some authority who binds an asymmetric public key with an identity string; the resulting binding is sometimes called a certificate. A public key infrastructure (PKI) may include multiple signers of certificates to capture multiple levels of delegation hierarchy (nesting) and may have multiple roots. Though these additional keys may be included in the handshake exchange, they do not sign the master secret directly and hence do not simultaneously authenticate the endpoint.
Thus, what is needed is a system and method for combining user and platform credentials to achieve late-binding at the time a secure channel is negotiated. What is also needed is a key exchange algorithm that enables additional keys included in a handshake exchange to sign the master secret directly, thereby simultaneously authenticating the endpoint.
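The distinction drawn above, between a key that signs the master secret and a certificate signer that only signs the identity binding, can be checked directly. The following Go program is an added illustration, not part of the patent text or its claimed method; the identity string, the flat "certificate" layout, and the second key that signs the secret directly are assumptions made for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

func newKey() *ecdsa.PrivateKey { return must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)) }

func sign(k *ecdsa.PrivateKey, msg []byte) []byte {
	d := sha256.Sum256(msg)
	return must(ecdsa.SignASN1(rand.Reader, k, d[:]))
}

func verify(pub *ecdsa.PublicKey, msg, sig []byte) bool {
	d := sha256.Sum256(msg)
	return ecdsa.VerifyASN1(pub, d[:], sig)
}

// Demo reports which signatures authenticate the master secret itself.
func Demo() (endpointOK, authOverSecret, authOverBinding, secondOK bool) {
	authority, endpoint, second := newKey(), newKey(), newKey()
	// Constructed stand-in for a certificate body: identity string || public key.
	der := must(x509.MarshalPKIXPublicKey(&endpoint.PublicKey))
	binding := append([]byte("CN=client.example;"), der...)
	certSig := sign(authority, binding) // the authority vouches for the binding only
	master := make([]byte, 48)          // random, high-entropy master secret
	must(rand.Read(master))
	hsSig := sign(endpoint, master)   // the end-entity key signs the secret
	secondSig := sign(second, master) // assumption: an additional key signing it directly
	endpointOK = verify(&endpoint.PublicKey, master, hsSig)
	authOverSecret = verify(&authority.PublicKey, master, certSig)
	authOverBinding = verify(&authority.PublicKey, binding, certSig)
	secondOK = verify(&second.PublicKey, master, secondSig)
	return
}

func main() { fmt.Println(Demo()) } // true false true true
```

The authority's signature verifies over the binding but not over the master secret, so it says nothing about who holds this session's secret; only keys that sign the secret itself are tied to the negotiated channel.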